1. Field of the Invention
The present invention relates to the field of session management in a distributed client server application environment, and more particularly to session management in an aggregated application environment.
2. Description of the Related Art
Distributing content about large computer communications networks is not without its challenges. In particular, the quantity of content available for distribution in a computer communications network often varies proportionally to the size of the computer communications network. At the extreme, the Internet hosts a vast quantity of content not easily accessible by most end-users. Portals represent a sensible solution to the problem of aggregating content through a channel paradigm in a single, network-addressable location. In consequence, portals have become the rage in content distribution.
Portlets are the visible active application components included as part of portal pages. Similar to the graphical windows paradigm of windowing operating systems, each portlet in a portal occupies a portion of the portal page through which the portlet can display associated content from a portlet channel. Portlets are known to include both simple applications such as n electronic mail client, and also more complex applications such as forecasting output from a customer relationship management system. The prototypical portlet can be implemented as server-side scripts executed through a portal server.
From the end-user perspective, a portlet is a content channel or application to which the end-user can subscribe. By comparison, from the perspective of the content provider, a portlet is a means through which content can be distributed in a personalized manner to a subscribing end-user. Finally, from the point of view of the portal, a portlet merely is a component which can be rendered within the portal page. In any case, by providing one or more individually selectable and configurable portlets in a portal, portal providers can distribute content and applications through a unified interface in a personalized manner according to the preferences of the end-user.
Portal servers are computer programs which facilitate the distribution of portal based Web sites on the public Internet or a private intranet. Importantly, it will be recognized by one of ordinary skill in the art that the signature characteristic of all conventional portal servers can include the aggregation of content from several portlet applications within a single distributable page in a uniform manner. To that end, each portlet application within the portal page can be represented by a portlet user interface distributed by the portal server to requesting client computing devices.
Despite the inclusion of each portlet application in a single, portal environment, each portlet application can require the creation of a separate session as between the portlet application and back-end systems application on behalf of an interacting user. Specifically, the session can be used to facilitate access control to the data for the portlet application. To avoid the clumsiness of multiple authentication processes for each portlet application in a portal environment, a single sign-on (SSO) authentication process can be included in the portal environment. In an SSO authentication process, an interacting user can provide authentication data once and the SSO authentication process can provide the authentication data to each dependent application.
Notwithstanding the conveniences of the SSO authentication process, individual portlet applications, for the sake of security, often monitor interactions with interacting users. When too much time has elapsed since a last interaction with an interacting user, the session established with the interacting user can be terminated thereby forcing the interacting user to re-authenticate at a later time. Yet, in a portal environment, an interacting user may allow one portlet application to go idle while interacting with other portlet applications in the portal environment. To require re-authentication for idled portlet applications, however, can defeat the convenience of the SSO authentication process.